[Pkg-openssl-devel] slurm-llnl key vulnerability
oliva.g at na.icar.cnr.it
oliva.g at na.icar.cnr.it
Mon May 19 00:40:34 UTC 2008
Hi I'm the maintainer of slurm-llnl a resource management system.
The software make use of a rsa public key pair generated by openssl.
Users generate their keys with the following commands:
openssl genrsa -out /etc/slurm-llnl/slurm.key 1024
openssl rsa -in /etc/slurm-llnl/slurm.key -pubout -out \
/etc/slurm-llnl/slurm.cert
I would like to check if the key is vulnerable in the package
installation scripts and warn the user about this problem. I have seen
that ssh do something similar with the ssh-vulnkey command.
Can I use their fingerprints database?
How do I generate the fingerprint from my keys?
Thanks for your help.
Regards.
--
Gennaro Oliva
More information about the Pkg-openssl-devel
mailing list